You are about to discover the full potential of Wireshark. In short, Wireshark is a network analysis tool that captures packets in real time and lets the operator filter and inspect the captured packets.

Over the last few years, Wireshark has evolved into a fully functioning, easy-to-use network analysis tool. It provides a straightforward interface with various advanced options, and the packets shown in the GUI are color-coded, which makes it very easy to identify the packets you are looking for.

In this guide, we will take a look at how to use Wireshark to capture, filter and inspect packets within seconds.

Downloading and installing Wireshark

First of all, I want to make it very clear that you should download your software from legitimate and official sources only. If you do not have Wireshark installed, you will need to download and install the Wireshark application from the official source.

If you are using Ubuntu, you will find the Wireshark network analysis tool in the package repositories. Simply open the Ubuntu Software Center, search for ‘Wireshark’, click install and follow the instructions.

Interfaces

Wireshark captures traffic on interfaces, which are the network adapters that the tool has detected.

In order to capture the LAN traffic generated by my machine, I need to start capturing on the ‘Ethernet’ network interface.

Network interfaces

Double-click the network interface that you want to capture. In my situation, I have to select the ‘Ethernet’ network interface to start capturing my LAN traffic. If everything is functioning as it should, you should start seeing LAN traffic in the GUI. It should look something like this.